Advisories ยป MGASA-2019-0038

Updated nss packages fix security vulnerability

Publication date: 15 Jan 2019
Modification date: 15 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-0495

Description

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation.
A local attacker could possibly use this issue to perform a cache-timing
attack and recover private ECDSA keys (CVE-2018-0495).
                

References

SRPMS

6/core